General

  • Target: 3aaf12854480f132eda76b79c4a0aba5_JaffaCakes118
  • Size: 766KB
  • Sample: 240711-zq55bswdmh
  • MD5: 3aaf12854480f132eda76b79c4a0aba5
  • SHA1: a057ad2685260dcbe73e9194fbed700bcb51e621
  • SHA256: d02a59a044460278a69de4126c143453a1e8527f89ba8e07b6278191698b54e9
  • SHA512: 188f71e16a8476a6956a6278087e8457a9f0188634353e5acdef21ef1049de8cb634ab06bc93236892f8a7ce50aa997c2d20811737ffe9623d08a97872ae6c1c
  • SSDEEP: 12288:YlNPK59a9tmaFonKp+qVQAR60ni6f3hu/7b/kdGt6+tbDMzN/4vsKa1z3L3r2YuR:eNPKnitmEocQAYWi6P0Dzkd66+tfMzN0

Score: 10/10

Malware Config

Targets

    • Target: 3aaf12854480f132eda76b79c4a0aba5_JaffaCakes118
    Score: 10/10

    • Modifies WinLogon for persistence
    • Modifies WinLogon
    • Drops file in System32 directory
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks